<?php
/**
 * Description: 更改密码
 * User: devforma
 * Date: 15/1/6
 * Time: 12:08
 */
require LIB_DIR.'/phpass.class.php';

class UserPswdUpdate implements iController {
    /**
     * api请求处理主函数
     * @param array $queryArgs 就是$_REQUEST变量
     * @return array api返回结果，必须含response_code
     */
    public function output($queryArgs) {
        global $uddb;
        
        if (validateUser($queryArgs) != 1
        || empty($queryArgs['old_pswd']) || empty($queryArgs['new_pswd'])) {
            return genOutput(1000);
        }
        
        $sql = "SELECT `user_pass`,`ID` FROM `{$uddb->userAuthInfo}`
                WHERE ID={$queryArgs['user_id']}";
        $user = $uddb->getRow($sql);
        if (empty($user)) return genOutput(1000);
        
        $oldPass = passDecrypt($queryArgs['old_pswd'], ENCRYPTION_KEY);
        $newPass = passDecrypt($queryArgs['new_pswd'], ENCRYPTION_KEY);

        $phpass = new PasswordHash(8, true);
        if ($phpass->CheckPassword($oldPass, $user->user_pass)) { //旧密码有效
            $uddb->update($uddb->userAuthInfo,
                              array('user_pass' => $phpass->HashPassword($newPass)),
                              array('ID' => $user->ID)
                              );
            return genOutput(1);
        } else {
            return genOutput(1000);
        }
    }
}